Monday, April 30, 2001		Article

British military finds answer to e-mail virus
By Stuart Millar

THE days of the global e-mail virus may be numbered. British Ministry of Defence (MoD) scientists have developed software that could prevent devastating, worldwide, mail-borne infections such as the infamous love bug.

Amid mounting concern in government and industry about the threat from virus-laden e-mails, the UK’s defence evaluation and research agency (DERA) says it has produced a simple but effective way of containing malicious viruses before they get the chance to spread to other computers and cause real damage.

The ease with which a well-designed virus can circumnavigate the globe was highlighted last May when millions of persons received an e-mail with the heading ILOVEYOU. Within hours the virus in the email — subsequently dubbed the love bug — caused an estimated $ 2.8 billion damage as it immobilised computer systems.

The virus, which was traced to the Philippines, was able to spread so rapidly because its first act on being opened by unsuspecting users was to send itself to every name in the users’ e-mail address books.

Since then e-mail-borne virus attacks have increased although none has created the same chaos. The latest big outbreak was in February when millions of persons opened up a virus masquerading as an e-mail picture of the Russian tennis player Anna Kournikova; it replicated itself around the world at twice the rate of the love bug.

These outbreaks have shown up the vulnerability of e-mail systems. Even the best security procedures can fail through computer users opening their unsolicited messages and letting loose the virus.

The DERA software, unveiled last week in London, claims to provide the answer. Based on research to protect highly sensitive government documents and computer systems from attack, the package turns conventional anti-virus thinking on its head: instead of attempting to stop the virus getting in, it prevents it from getting out and damaging other machines.

The principle behind the software, named ::Mail, appears simple - whenever users try to send an e-mail, ::Mail shows a box on the screen telling them what they are sending to whom, and asking them to confirm the command. If the user unwittingly opens an infected e-mail that then tries to replicate itself, the box will appear, warning them that the computer is trying to send e-mails. Although their own computer will be infected, with a click of the mouse, they will be able to prevent the virus escaping.

The new software is heavily protected from attack, removing the possibility of virus writers producing a code able to override the security.

Simon Wiseman, who led the team that developed the software, said: "Because most of the work we do is for the MoD we are experienced at preventing confidential information from getting out when it shouldn’t. This is an extension of that basic principle. While every other anti-virus company has concentrated on stopping things getting in, we are shutting down the propagation channels so that any damage is contained in the machines of those opening the infected message."